Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
Section 1: Getting Started
Section 2: Applying Security and Hardening
Section 3: Protecting, Detecting, and Responding for Windows Environments

Chapter 12: Security Operations

In this chapter, we will cover security operations and exactly what it entails. Like a technical operations team, it is just as important to have a security operations team or Security Operations Center (SOC) and program in place. This team's day-to-day responsibilities include 24/7 monitoring and responding to any security-related incidents within your environment or with your users. This is a critical component and a necessity of the overall security program today.

In this chapter, we will focus on the Microsoft technologies available that can support your SOC and provide the insights needed to ensure your servers, end user devices, and users are safe. We will first cover an introduction to a SOC and provide an overview of what is needed to make this a successful operation. We will then review the Microsoft 365 (M365) security center, which provides a centralized place for monitoring Microsoft security solutions. Next, we will cover Microsoft...